Sr Application Security Architect (Cary)

Senior Application Security Architect

We're a leader in data and AI. Through our software and services, we inspire customers around the world to transform data into intelligence - and questions into answers.

We're also a debt-free multi-billion-dollar organization on our path to IPO-readiness. If you're looking for a dynamic, fulfilling career coupled with flexibility and world-class employee experience, you'll find it here.

About the Job

As a Senior Application Security Architect within the Product Security Organization (PSO), you will be a key contributor to SAS solution security. Successful candidates will partner with architecture, engineering, and cloud hosting helping to solve complex technical problems anywhere in the Software Development Lifecycle (SDLC) from design and development through to deployment and operations. Technical security breadth and depth as well as clear, concise and effective communications are key this role requires a diverse set of skills in systems architecture, software development, and cyber-security. Success will depend on your collaborative skills working toward the SAS goal of meeting legal, compliance, and customer security requirements as part of providing SAS customers with the most trustworthy solutions globally.

As a Senior Application Security Architect at SAS, you will :

• Collaborate across R&D and cloud hosting teams to strategically improve the security posture of business-critical multi-tier solutions in legacy, hybrid cloud, and public cloud environments. Includes tactical refactoring, environment promotion, and Secure by Default deployment and configuration to maintain security consistency if not parity between all environments.
• Collaborate in the planning of evolutionary paths for secure architectures and systems incorporating and aligning dependent third-party architectures as well as the adoption of new technologies while maintaining a robust and consistent security posture. Includes employing specific security compensating controls, defense in depth, and security posture aspects in support of Secure by Design, Secure by Default (deployment and configuration), and Zero Trust Architectural principles.
• Work with development teams providing security assessment and hardening of products spanning the SDLC and development pipelines left / early-shifted wherever possible. Includes performing periodic secure design, threat modeling, code reviews, or direct verification to identify and triage issues assessing the security risk and recommending remediation steps for vulnerabilities and weaknesses.
• Collaborate with Product Management stakeholders to ensure security implementations are consistent with business objectives, customer requirements, and applicable global regulations.
• Identify, train, and partner with Security Champions in place with product R&D teams. Help champions assess and gauge risk to identify security gaps or seams in the products and integrated solutions.
• Create and maintain secure engineering documentation, guidance, or training collateral supporting with PSO standards, policies, and procedures.
• Collaborate with other teams within security to identify new tools and processes to integrate into the Secure SDLC. Recommend and promote software security policies, standards, and procedures that can improve the global SAS security posture. Mentor and coach within the Product Security Office and other Security Architects aligned with your security breadth and building depth via subject matter expertise.

Required Qualifications

Preferred Qualifications

World-Class Benefits

Highlights include...

Diverse and Inclusive

At SAS, it's not about fitting into our culture it's about adding to it. We believe our people make the difference. Our diverse workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers. Our commitment to diversity is a priority to our leadership, all the way up to the top; and it's essential to who we are. To put it plainly : you are welcome here.

Additional Information :

To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status. SAS is an equal opportunity / Affirmative Action employer. All qualified applicants are considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, age, national origin, disability status, protected veteran status or any other characteristic protected by law. Read more : Know Your Rights.

Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.

SAS only sends emails from verified sas.com email addresses and never asks for sensitive, personal information or money. If you have any doubts about the authenticity of any type of communication from, or on behalf of SAS, please contact Recruitingsupport@sas.com.

#SAS